CVE-2025-60054
CVE-2025-60054 affects the WordPress OnLeash theme (AncoraThemes OnLeash) version <= 1.5.2. The vulnerability is an improper control of the filename used in PHP include/require, enabling PHP Local File Inclusion (LFI). The issue arises from how filenames are handled in the OnLeash code path, a...